Michael B Allen [EMAIL PROTECTED] writes:
Hi Shawn,
Active Directory is the name of Microsoft's KDC/LDAP server. So there's
no such thing as Active Directory server on linux. You could setup a
KDC (MIT, Heimdal, etc) or an LDAP server (OpenLDAP, Fedora Directory
Server) on your Linux machine
Hi All.
We have a setup with several Active Directory domains that individually
trusts
each other. Each domain translates into each own Kerberos REALM as far
as I'm understanding the systems.
But prinicipals are unique across the realms. Thus if [EMAIL PROTECTED] exixts,
then
It doesn't
You could try one of the commercial products such as VAS (Quest) or
DirectControl (Centrify). I believe they both have quite good support
for multiple domains.
-- Luke
--
Kerberos mailing list Kerberos@mit.edu
JK (Jesper Agerbo Krogh) wrote:
Hi All.
We have a setup with several Active Directory domains that individually
trusts
each other. Each domain translates into each own Kerberos REALM as far
as I'm understanding the systems.
Yes.
But prinicipals are unique across the realms. Thus
Mike Dopheide wrote:
Hhmm.. okay. First of all, you don't want to have the same keys in
krb5.keytab on both systems. A system should really only have keys for
itself and any services it provides (like host/hostname, ftp/hostname,
etc).
Ah, right, OK. Misapprehension there on my part;
Additional info:
Local login works using pam_unix...
Even if I put pam_unix to be optional (ie all passwords are accepted)
it works - except if I put in the right password from the AD.
So its something with the kerberos process in pam_krb5...
j-
Hi Tom,
I implemented the changes suggested by you for MIT krb5 Security Advisory
2006-001 in the ksu utility. I am always observing below message when I
exit from the ksu shell. I tested it on AIX and Linux. Behavior is same.
--
# ksu tester
Changing uid
Sachin == Sachin Punadikar [EMAIL PROTECTED] writes:
Sachin Hi Tom,
Sachin I implemented the changes suggested by you for MIT krb5 Security
Advisory
Sachin 2006-001 in the ksu utility. I am always observing below message when I
Sachin exit from the ksu shell. I tested it on AIX and Linux.
To Whom it may concern:
I suspect the use of a Kerberos infestation through an addressable worm.
I would need to research the known worm, but I have found the origin to
be a doc file from an archive set, dating back to early versions of
word. The ultimate effect was the destabilization of a
Hello Calin,
I was trying to follow your documentation to configure SSO on SAP R/3 on
Aix to Windows AD, using BC-SNC adapter and Kerberos. I got the
following error message in work process trace files. If you could give
me any leads I will appreciate it.
SncInit(): found
10 matches
Mail list logo